Abstract
Cryptographic hardware primitives must be protected against fault-injection attacks. Security-oriented error-detecting codes provide (probabilistic) guarantees for the detection of maliciously injected faults, even under the assumption of a sophisticated attacker with access to powerful equipment. In this paper, we revisit the earlier finding that error-detection infrastructure may increase the undesired information leakage. We formalize the information leakage from the checker response by means of mutual information. We apply our analysis to the best security-oriented robust codes known today. We prove that the probability of an undetected attack is exponentially smaller than the entropy loss due to information leakage from the checker. This means that an attack will be detected long before the attacker gains significant information. Given a bound for acceptable information leakage (e.g., 0.5 bits of a 128-bit secret key), our analysis allows the designer to easily choose the number of redundant bits required to stay below that bound. The obtained results extend our knowledge about the relationship between the detection capabilities of codes and the information leakage due to them.